Sciweavers

ESORICS
2003
Springer

Hardware Encapsulation of Security Services

14 years 5 months ago
Hardware Encapsulation of Security Services
Hardware security modules can be used to encapsulate simple security services that bind security functions such as decryption with authorisation and authentication. Such hardware secured services provide a functional root of trust that can be placed within context of a wider IT solution hence enabling strong separations of control and duty. This paper describes an approach to using such hardware-encapsulated services to create virtual trust domains within a deployed solution. This trust domain is defined by the hardware protection regime, the service code and the policies under which it is managed. An example is given, showing how a TLS session within a web service environment can be protected and how this service can extend the secure communications into the backend systems.
Adrian Baldwin, Simon Shiu
Added 06 Jul 2010
Updated 06 Jul 2010
Type Conference
Year 2003
Where ESORICS
Authors Adrian Baldwin, Simon Shiu
Comments (0)